0 votes
by (140 points)

When I click the "Use it online" link at twinery.org on my iPad/iPhone (and in Chrome spoofing iOS), I get shady-looking marketing popups that redirect several times before settling on something like "Urgent Notification: Your iPad is infected with 6 viruses! Follow these instructions below to remove the virus."

I tried this on 2 devices, my desktop, and a remote computer simulating iOS. So I know it's not just me.

This doesn't feel like it's an intentional choice from Twine, and I've never seen such advertising from Twine before... Are these popups supposed to be there?

(And if so... It's not a good choice to choose to display deceptive spam.)

Screenshot from iPad on Imgur / Screencast of Chrome spoofing iOS on Dropbox

4 Answers

+1 vote
by (590 points)
i've never had any problems for the past month

no problems using windows 7 32bit firefox, also none from my old android phone, both of which haven't been updated in several years so if i can view it successfully without any intrusive ads it's a good sign

you used remote computer, but i don't think that qualifies as a sandbox to isolate from any problems and anything on your system can affect it maybe
by (100 points)
I read your answer thiisi is so nice and related to given question.
0 votes
by (63.1k points)
This sounds like malware. Maybe try clearing your browsing data (make sure to create a backup of your Twine projects) and running a scan, if possible. It's odd that its happening to you on two systems, but not completely unheard of; wherever the infection came from, it might be a source you visit on both.

Testing on my own iPad, I'm not having this issue, but that's really neither here nor there. Twine is completely ad-free, open source, and non-commercial as far as I know.
+1 vote
by (810 points)
edited by
I also tried this on two devices, an iPad on iOS 8 and an iPhone on iOS 10, and got the spam on them both.   I got it for other links on the home page, not just the "use online" link, so the malware seems to affect the whole page. It would only happen once unless I cleared all website data; then I could get it to happen again.  I didn't get it when going straight to the Twine app by the direct URL.  It opens in a second tab; the intended page still opens in the current tab.

No other websites were doing this before, so I think there's something on the twinery.org server or (less likely) on one of the CDNs or the Twitter code it imports.

P.S.:  I ran a scanner on it, which said the malware was in http://twinery.org/js/lightbox.min.js.
+4 votes
by (2.5k points)
First of all, no, there should be no ads on twinery.org, let alone malware. Thank you so much for identifying this problem. From looking at the Wayback Machine, it looks like a file in the Twine web site was infected with malware sometime in July of this year. I don't yet know how this happened.

I've removed the malware, and am working on a broader plan to address the issue. Please stay tuned.
by (2.5k points)
A longer explanation of what happened is here: http://chrisklimas.com/twinery-org-has-changed-servers/